@plusscommunities/pluss-core-aws 2.0.25-auth.0 → 2.0.25-beta.1

package/aws/getDefaultEmailAddress.js

@@ -1,26 +1,26 @@
 const AWS = require("aws-sdk");
 
 module.exports = (accessKey, secretKey) => {
-  return new Promise((resolve, reject) => {
-    if (accessKey && secretKey) {
-      AWS.config.update({
-        accessKeyId: accessKey,
-        secretAccessKey: secretKey,
-      });
+	return new Promise((resolve, reject) => {
+		if (accessKey && secretKey) {
+			AWS.config.update({
+				accessKeyId: accessKey,
+				secretAccessKey: secretKey,
+			});
 
-      const sesv2 = new AWS.SESV2();
-      const params = { PageSize: 1 };
-      sesv2.listEmailIdentities(params, (err, data) => {
-        if (err) return reject(err);
-        const { EmailIdentities } = data;
-        return resolve(
-          EmailIdentities && EmailIdentities.length > 0
-            ? EmailIdentities[0]
-            : null
-        );
-      });
-    } else {
-      resolve(null);
-    }
-  });
+			const sesv2 = new AWS.SESV2();
+			const params = { PageSize: 1 };
+			sesv2.listEmailIdentities(params, (err, data) => {
+				if (err) return reject(err);
+				const { EmailIdentities } = data;
+				return resolve(
+					EmailIdentities && EmailIdentities.length > 0
+						? EmailIdentities[0]
+						: null,
+				);
+			});
+		} else {
+			resolve(null);
+		}
+	});
 };

package/aws/getEmailService.js

@@ -1,21 +1,21 @@
 const AWS = require("aws-sdk");
 
 module.exports = (accessKey, secretKey) => {
-  return new Promise((resolve, reject) => {
-    if (accessKey && secretKey) {
-      AWS.config.update({
-        accessKeyId: accessKey,
-        secretAccessKey: secretKey,
-      });
+	return new Promise((resolve, reject) => {
+		if (accessKey && secretKey) {
+			AWS.config.update({
+				accessKeyId: accessKey,
+				secretAccessKey: secretKey,
+			});
 
-      const sesv2 = new AWS.SESV2();
-      const params = {};
-      sesv2.getAccount(params, (err, data) => {
-        if (err) return reject(err);
-        return resolve(data);
-      });
-    } else {
-      resolve(null);
-    }
-  });
+			const sesv2 = new AWS.SESV2();
+			const params = {};
+			sesv2.getAccount(params, (err, data) => {
+				if (err) return reject(err);
+				return resolve(data);
+			});
+		} else {
+			resolve(null);
+		}
+	});
 };

package/aws/getEmailServiceInfo.js

@@ -3,31 +3,31 @@ const getDefaultEmailAddress = require("./getDefaultEmailAddress");
 const { getConfig } = require("../config");
 
 module.exports = async (accessKey, secretKey) => {
-  const result = {
-    enabled: false,
-    sender: null,
-  };
-  const { emailConfig } = getConfig();
-  const service = await getEmailService(accessKey, secretKey);
-  console.log("Amazon SES status", {
-    service,
-    allwoSandbox: emailConfig.allwoSandbox,
-    forceFallback: emailConfig.forceFallback,
-  });
-  if (emailConfig.forceFallback) return result;
+	const result = {
+		enabled: false,
+		sender: null,
+	};
+	const { emailConfig } = getConfig();
+	const service = await getEmailService(accessKey, secretKey);
+	console.log("Amazon SES status", {
+		service,
+		allwoSandbox: emailConfig.allwoSandbox,
+		forceFallback: emailConfig.forceFallback,
+	});
+	if (emailConfig.forceFallback) return result;
 
-  if (
-    service &&
-    service.SendingEnabled &&
-    (emailConfig.allwoSandbox || service.ProductionAccessEnabled) &&
-    service.SendQuota.Max24HourSend > service.SendQuota.SentLast24Hours
-  ) {
-    result.enabled = true;
-    const sender = await getDefaultEmailAddress(accessKey, secretKey);
-    console.log("Amazon SES sender", sender);
-    if (sender) {
-      result.sender = sender.IdentityName;
-    }
-  }
-  return result;
+	if (
+		service &&
+		service.SendingEnabled &&
+		(emailConfig.allwoSandbox || service.ProductionAccessEnabled) &&
+		service.SendQuota.Max24HourSend > service.SendQuota.SentLast24Hours
+	) {
+		result.enabled = true;
+		const sender = await getDefaultEmailAddress(accessKey, secretKey);
+		console.log("Amazon SES sender", sender);
+		if (sender) {
+			result.sender = sender.IdentityName;
+		}
+	}
+	return result;
 };

package/aws/sendEmail.js

@@ -2,36 +2,36 @@ const AWS = require("aws-sdk");
 const { getConfig } = require("../config");
 
 module.exports = (from, to, subject, content, access = null, bcc = null) => {
-  return new Promise((resolve, reject) => {
-    const { serverlessConfig } = getConfig();
-    AWS.config.update({
-      accessKeyId: access ? access.key : serverlessConfig.key,
-      secretAccessKey: access ? access.secret : serverlessConfig.secret,
-    });
+	return new Promise((resolve, reject) => {
+		const { serverlessConfig } = getConfig();
+		AWS.config.update({
+			accessKeyId: access ? access.key : serverlessConfig.key,
+			secretAccessKey: access ? access.secret : serverlessConfig.secret,
+		});
 
-    const sesv2 = new AWS.SESV2();
-    const params = {
-      Content: {
-        Simple: {
-          Body: {
-            Html: {
-              Data: content,
-            },
-          },
-          Subject: {
-            Data: subject,
-          },
-        },
-      },
-      Destination: {
-        ToAddresses: to.split(",").map((i) => i.trim()),
-        BccAddresses: bcc ? bcc.split(",").map((i) => i.trim()) : [],
-      },
-      FromEmailAddress: from,
-    };
-    sesv2.sendEmail(params, (err, data) => {
-      if (err) return reject(err);
-      return resolve(data);
-    });
-  });
+		const sesv2 = new AWS.SESV2();
+		const params = {
+			Content: {
+				Simple: {
+					Body: {
+						Html: {
+							Data: content,
+						},
+					},
+					Subject: {
+						Data: subject,
+					},
+				},
+			},
+			Destination: {
+				ToAddresses: to.split(",").map((i) => i.trim()),
+				BccAddresses: bcc ? bcc.split(",").map((i) => i.trim()) : [],
+			},
+			FromEmailAddress: from,
+		};
+		sesv2.sendEmail(params, (err, data) => {
+			if (err) return reject(err);
+			return resolve(data);
+		});
+	});
 };

package/config.js

@@ -1,5 +1,5 @@
 let settings = {};
 exports.getConfig = () => settings;
 exports.init = (config) => {
-  settings = config;
+	settings = config;
 };

package/db/activity/publishActivity.js

@@ -1,25 +1,25 @@
-const moment = require('moment');
-const updateRef = require('../common/updateRef');
-const { getMultiRowId } = require('../../helper');
+const moment = require("moment");
+const updateRef = require("../common/updateRef");
+const { getMultiRowId } = require("../../helper");
 
 module.exports = (type, site, id, user, data) => {
-    return new Promise((resolve, reject) => {
-        const activity = {};
-        const timestamp = moment.utc();
-        activity.Timestamp = timestamp.toISOString();
-        activity.UnixTimestamp = timestamp.unix();
-        activity.Type = type;
-        activity.Site = site;
-        activity.Id = id;
-        activity.User = user;
-        activity.RowId = getMultiRowId([site, type, id, user.id]);
-        activity.Data = data;
-        updateRef(`adminactivity`, activity)
-            .then(() => {
-                resolve();
-            }).catch(error => {
-                reject(error);
-            });
-    });
+	return new Promise((resolve, reject) => {
+		const activity = {};
+		const timestamp = moment.utc();
+		activity.Timestamp = timestamp.toISOString();
+		activity.UnixTimestamp = timestamp.unix();
+		activity.Type = type;
+		activity.Site = site;
+		activity.Id = id;
+		activity.User = user;
+		activity.RowId = getMultiRowId([site, type, id, user.id]);
+		activity.Data = data;
+		updateRef(`adminactivity`, activity)
+			.then(() => {
+				resolve();
+			})
+			.catch((error) => {
+				reject(error);
+			});
+	});
 };
-

package/db/analytics/checkActivityExists.js

@@ -11,19 +11,19 @@ const indexQuery = require("../common/indexQuery");
  * @returns Whether there is any matching analytics activity
  */
 module.exports = async (entityId, entityType, actionType, userId) => {
-  const result = await indexQuery("analytics", {
-    IndexName: "AnalyticsActivityIndex",
-    KeyConditionExpression: "ActivityId = :activityId",
-    ExpressionAttributeValues: {
-      ":activityId": getMultiRowId([entityId, entityType, actionType]),
-    },
-  });
-  if (result && !_.isEmpty(result.Items)) {
-    if (userId) {
-      // check if there is matching analytics activity for that user
-      return result.Items.some((item) => item.UserId === userId);
-    }
-    return true;
-  }
-  return false;
+	const result = await indexQuery("analytics", {
+		IndexName: "AnalyticsActivityIndex",
+		KeyConditionExpression: "ActivityId = :activityId",
+		ExpressionAttributeValues: {
+			":activityId": getMultiRowId([entityId, entityType, actionType]),
+		},
+	});
+	if (result && !_.isEmpty(result.Items)) {
+		if (userId) {
+			// check if there is matching analytics activity for that user
+			return result.Items.some((item) => item.UserId === userId);
+		}
+		return true;
+	}
+	return false;
 };

package/db/analytics/logAnalyticsActivity.js

@@ -2,6 +2,7 @@ const uuid = require("uuid");
 const moment = require("moment");
 const checkActivityExists = require("./checkActivityExists");
 const updateRef = require("../common/updateRef");
+const getRole = require("../users/getRole");
 const { getMultiRowId, getRowId } = require("../../helper");
 
 /**
@@ -18,44 +19,75 @@ const { getMultiRowId, getRowId } = require("../../helper");
  * @returns Whether the activity was logged
  */
 module.exports = async (
-  actionType,
-  entityType,
-  site,
-  user,
-  entityId,
-  data,
-  timestamp,
-  uniqueActivity,
-  uniqueToUser
+	actionType,
+	entityType,
+	site,
+	user,
+	entityId,
+	data,
+	timestamp,
+	uniqueActivity,
+	uniqueToUser,
 ) => {
-  // Check if the activity already exists
-  if (uniqueActivity) {
-    const exists = await checkActivityExists(
-      entityId,
-      entityType,
-      actionType,
-      uniqueToUser && user ? user.id : null
-    );
-    if (exists) {
-      return false;
-    }
-  }
+	// Check if the activity already exists
+	if (uniqueActivity) {
+		const exists = await checkActivityExists(
+			entityId,
+			entityType,
+			actionType,
+			uniqueToUser && user ? user.id : null,
+		);
+		if (exists) {
+			return false;
+		}
+	}
 
-  // Log the activity
-  const activity = {
-    Id: uuid.v1(),
-    Type: actionType,
-    Timestamp: timestamp || moment.utc().valueOf(),
-    EntityType: entityType,
-    SubjectId: entityId,
-    UserId: user.id,
-    User: user,
-    Site: site,
-    EntityId: getRowId(entityId, entityType),
-    ActivityId: getMultiRowId([entityId, entityType, actionType]),
-    Data: data,
-  };
+	// Enrich analytics events with the user's site-specific role type and category.
+	// Always resolved here via getRole rather than expecting callers to provide them because:
+	// 1. Most callers can't — stream handlers only have minimal embedded objects with no
+	//    type/category fields.
+	// 2. user.type only carries the primary role, not the site-specific role.
+	// 3. user.category doesn't exist on the user object — category (staff/primary/linked)
+	//    lives on the role record.
+	// Centralising here avoids burdening call sites with role resolution and guarantees
+	// accuracy (always reads current role, not potentially stale caller-provided values).
+	// getRole is a DynamoDB point-read (~5ms) and this runs async, so no user-facing latency impact.
+	let userType = null;
+	let userCategory = null;
 
-  await updateRef(`analytics`, activity);
-  return true;
+	try {
+		const role = await getRole(site, user.id);
+		if (role) {
+			userType = role.type || null;
+			userCategory = role.category || null;
+		}
+	} catch (e) {
+		// getRole failed — fall through to master fallback below
+	}
+
+	// Best-effort fallback: user.type is set from primary role, may not always be present
+	if (!userType && user.type === "master") {
+		userType = "master";
+		userCategory = "master";
+	}
+
+	// Log the activity
+	const activity = {
+		Id: uuid.v1(),
+		Type: actionType,
+		Timestamp: timestamp || moment.utc().valueOf(),
+		EntityType: entityType,
+		SubjectId: entityId,
+		UserId: user.id,
+		User: user,
+		Site: site,
+		EntityId: getRowId(entityId, entityType),
+		ActivityId: getMultiRowId([entityId, entityType, actionType]),
+		Data: data,
+		userType,
+		userCategory,
+	};
+
+	await updateRef(`analytics`, activity);
+	return true;
 };

package/db/analytics/scheduleOldAggregation.js

@@ -2,19 +2,19 @@ const updateRef = require("../common/updateRef");
 const { getRowId } = require("../../helper");
 
 module.exports = (date, site) => {
-  return new Promise((resolve, reject) => {
-    const schedule = {
-      Id: getRowId(site, date),
-      Date: date,
-      Site: site,
-    };
+	return new Promise((resolve, reject) => {
+		const schedule = {
+			Id: getRowId(site, date),
+			Date: date,
+			Site: site,
+		};
 
-    updateRef(`analyticsqueue`, schedule)
-      .then(() => {
-        resolve();
-      })
-      .catch((error) => {
-        reject(error);
-      });
-  });
+		updateRef(`analyticsqueue`, schedule)
+			.then(() => {
+				resolve();
+			})
+			.catch((error) => {
+				reject(error);
+			});
+	});
 };

package/db/auth/getSiteSetting.js

@@ -1,16 +1,16 @@
 const getRef = require("../common/getRef");
 
 module.exports = async (site, key) => {
-  return new Promise((resolve, reject) => {
-    getRef("sites", "Id", site)
-      .then((item) => {
-        if (item && item.Settings) {
-          return resolve(item.Settings[key]);
-        }
-        return resolve(undefined);
-      })
-      .catch((error) => {
-        return resolve(undefined);
-      });
-  });
+	return new Promise((resolve, reject) => {
+		getRef("sites", "Id", site)
+			.then((item) => {
+				if (item && item.Settings) {
+					return resolve(item.Settings[key]);
+				}
+				return resolve(undefined);
+			})
+			.catch((error) => {
+				return resolve(undefined);
+			});
+	});
 };

package/db/auth/getSiteUserTypes.js

@@ -1,21 +1,21 @@
 const indexQuery = require("../common/indexQuery");
 
 module.exports = async (site) => {
-  return new Promise((resolve, reject) => {
-    const query = {
-      IndexName: "UserTypesSiteIndex",
-      KeyConditionExpression: "site = :site",
-      ExpressionAttributeValues: {
-        ":site": site,
-      },
-    };
+	return new Promise((resolve, reject) => {
+		const query = {
+			IndexName: "UserTypesSiteIndex",
+			KeyConditionExpression: "site = :site",
+			ExpressionAttributeValues: {
+				":site": site,
+			},
+		};
 
-    indexQuery("usertypes", query)
-      .then((res) => {
-        resolve(res.Items);
-      })
-      .catch((error) => {
-        reject(error);
-      });
-  });
+		indexQuery("usertypes", query)
+			.then((res) => {
+				resolve(res.Items);
+			})
+			.catch((error) => {
+				reject(error);
+			});
+	});
 };

package/db/auth/getUserAuth.js

@@ -2,17 +2,17 @@ const getRef = require("../common/getRef");
 const _ = require("lodash");
 
 module.exports = (id) => {
-  return new Promise((resolve, reject) => {
-    getRef("users", "Id", id).then((data) => {
-      if (_.isEmpty(data.Roles)) {
-        return resolve([
-          {
-            site: data.site,
-            type: data.type,
-          },
-        ]);
-      }
-      return resolve(data.Roles);
-    });
-  });
+	return new Promise((resolve, reject) => {
+		getRef("users", "Id", id).then((data) => {
+			if (_.isEmpty(data.Roles)) {
+				return resolve([
+					{
+						site: data.site,
+						type: data.type,
+					},
+				]);
+			}
+			return resolve(data.Roles);
+		});
+	});
 };

package/db/automatedactions/getActionBySiteTrigger.js

@@ -1,14 +1,14 @@
 const indexQuery = require("../common/indexQuery");
 
 module.exports = async (site, trigger = null) => {
-  const query = {
-    IndexName: "SiteIndex",
-    KeyConditionExpression: "Site = :site",
-    ExpressionAttributeValues: {
-      ":site": site,
-    },
-  };
+	const query = {
+		IndexName: "SiteIndex",
+		KeyConditionExpression: "Site = :site",
+		ExpressionAttributeValues: {
+			":site": site,
+		},
+	};
 
-  const { Items } = await indexQuery("automatedactions", query);
-  return trigger ? Items.filter((i) => i.Trigger === trigger) : Items;
+	const { Items } = await indexQuery("automatedactions", query);
+	return trigger ? Items.filter((i) => i.Trigger === trigger) : Items;
 };

package/db/common/deleteRef.js

@@ -3,27 +3,27 @@ const dynamoDb = new AWS.DynamoDB.DocumentClient({ convertEmptyValues: true });
 const { log, generateLogId } = require("../../helper");
 
 module.exports = async (table, key, value) => {
-  return new Promise((resolve, reject) => {
-    const logId = generateLogId();
-    const params = {
-      TableName: `${process.env.tablePrefix}${table}`,
-      Key: {},
-    };
-    params.Key[key] = value;
+	return new Promise((resolve, reject) => {
+		const logId = generateLogId();
+		const params = {
+			TableName: `${process.env.tablePrefix}${table}`,
+			Key: {},
+		};
+		params.Key[key] = value;
 
-    // log("deleteRef", "Params", JSON.stringify(params), logId);
+		// log("deleteRef", "Params", JSON.stringify(params), logId);
 
-    // write the todo to the database
-    dynamoDb.delete(params, (error, data) => {
-      // handle potential errors
-      if (error) {
-        log("deleteRef", "Error", error, logId);
-        reject(error);
-        return;
-      }
-      // log("deleteRef", "Success", "Deleted item", logId);
-      resolve(data);
-      return;
-    });
-  });
+		// write the todo to the database
+		dynamoDb.delete(params, (error, data) => {
+			// handle potential errors
+			if (error) {
+				log("deleteRef", "Error", error, logId);
+				reject(error);
+				return;
+			}
+			// log("deleteRef", "Success", "Deleted item", logId);
+			resolve(data);
+			return;
+		});
+	});
 };